Networking

Victim uses remote access to catch laptop thief

A tech-savvy man from White Plains, NY used remote access to track and help police catch the thief who stole his laptop.

A tech-savvy man from White Plains, NY used remote access to track and help police catch the thief who stole his laptop.

According to an October 1st AP report on CBSNews.com, Jose Caceres' laptop was stolen when he left it on top of his car while carrying things into his home. For nearly a month, Caceres remotely accessed the laptop each day to watch his computer being used. Caceres' initial efforts where unsuccessful, but as the story describes, the thief eventually made a mistake:

When he first tried to figure out who had stolen his computer by logging on remotely, Caceres said he was stymied in his efforts. "It was kind of frustrating because he was mostly using it to watch porn," he said. "I couldn't get any information on him."

But then the suspect typed in a name and address to register on a Web site, he said. A few hours later, police caught the suspect.

IT pros can learn two lessons from Caceres' experiences. First, teach users not to leave their laptop unattended, even for short periods. And second, remote access tools can be used for more than just support.

Have you found a cool, secondary use for remote access tools?

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...

23 comments
ashupage
ashupage

Sir, I am Ashish Sharma from INDIA, as a system administrator from Kishor Exports at AGRA (INDIA). Bill Detwiler, I would like to know about software of save to my laptop to thief, so please send me any link or software please sir.

cappuccinomonster76
cappuccinomonster76

LOL that was funny... yeah I agree that the thief was a loser and a dummy but then again, if he was any better he wouldn't have stolen the laptop. Pretty creative use of remote access. =)Kudos

tinyang73
tinyang73

I use Adeona: http://adeona.cs.washington.edu/ "Adeona has three main properties: * Private: Adeona uses state-of-the-art cryptographic mechanisms to ensure that the owner is the only party that can use the system to reveal the locations visited by a device. * Reliable: Adeona uses a community-based remote storage facility, ensuring retrievability of recent location updates. * Open source and free: Adeona's software is licensed under GPLv2. While your locations are secret, the tracking system's design is not. The Mac OS X version also has an option to capture pictures of the laptop user or thief using the built-in iSight camera and the freeware tool isightcapture. Like your location information, these images are privacy-protected so that only the laptop owner (or an agent of the owner's choosing) can access them."

mdyson2038
mdyson2038

gotomypc.com does not log you out and the only way that you know that someone is login is the startup tray icon turns from white to green and you can see everything going on on the remote computer. it does not need a static ip. we use this at work and it works great.

martha.d.vaillancourt
martha.d.vaillancourt

Next time just trace the IP address and it will lead you right to the theif. There are some good IP traker software options out there. My favorite was TouCows.

macgvr
macgvr

I am curious what remote access app he was using. Normally Remote Desktop logs out the other user, dead giveaway, and you can't see what they are up to. So, was it GoToMyPc or something else?

Bill Detwiler
Bill Detwiler

When his laptop was stolen, Jose Caceres? used remote access to track and help police catch the thief who stole his laptop. Original post: http://blogs.techrepublic.com.com/itdojo/?p=179 IT pros can learn two lessons from Caceres' experiences. First, teach users not to leave their laptop unattended, even for short periods. And second, remote access tools can be used for more than just support. Have you found a cool, secondary use for remote access tools?

Jellimonsta
Jellimonsta

I am a Jellimonsta, but how do you make a monster out of Cappuccino? :D

Tank252ca
Tank252ca

"gotomypc.com does not log you out and the only way that you know that someone is login is the startup tray icon turns from white to green" Is that a feature of the corporate version? The personal version generates a pop-up in the task tray when you connect and the user can see what the remote connection is doing.

jnoll
jnoll

many times a remote access program can come in from another port and access the machine without the local user even knowing it. a hidden user is created in advance and the rest is done incognito. If the remote user has admin privs then they can monitor "all" user activity through logs or even "watch" live operation.

Forum Surfer
Forum Surfer

If someone stole my laptop they would have a hard time short of an os wipe to even hack into it. With things like encrypted hard drives and disabling alternate boot devices in bios (or at least set them to require a password through bios) it's not to hard to make a laptop impossible for the average person to get into...especially some random dude using it to surf pr0n. Granted...a reasoably knowledgeable person can break into about anything. Kudos to the guy who caught the thief though!

rignald
rignald

LogMeIn (free) also works beautifully and it is up and running even if the user did not login yet to the machine. Hell, you can even help the thief to login, just to give him/her access to internet (guest account or so)...and then later catch him when he uses personal information on it.

Will007
Will007

Not that I am siding with the thief, however, any tech savvy person would have wiped the hard drive and installed a new OS! LOL! What a loser!

RipVan
RipVan

The story reports: he was mostly using it to watch porn,? he said. ?I couldn?t get any information on him.? I can see it now. He tells the police "...well, after 4 days, all I can say is that he is partial to cheerleaders and goats..."

StealthWiFi
StealthWiFi

What remote application did he use and did it report the address to connect through to him (phone home) or did he know the address, if the latter then how? My users travel alot and take their laptops onto construction sites with them, it would be wonderfull to have an app that will phone home anytime it's connected to the net event just to report it's address. I have not found one and those lojack apps I don't really trust for theft prevention. I have heard good things about the lojacks embeded into the proccesor. Cheers,

timkelly59
timkelly59

Exactly, it kind of sounds like the victim may have known the thief. First off, why was the thief able to get into the laptop? did he not have a logon password set? Otherwise the thief would not have been able to use the laptop without wiping it an installing the o/s. I doubt the thief was smart enough to be able to hack the password, and not then think to disable any remote connection s/w.Ha...

StealthWiFi
StealthWiFi

So say I setup Ultra-VNC and no-ip.com so now I have the users external IP and a way to connect, if they are behind any basic Linksys...or whatever brand wireless router at a coffe shop that has a simple firewall how do you get through to connect to the Ultra-VNC box you need? Not like you can sit their and poke holes in their firewall (well you could if you know how but let's net make it more work than needed)?

Lovs2look
Lovs2look

Don't know what app the guy in the story was using, but UltraVNC can hide it's icon and prevent users from shutting it down, also runs as a service so available even when no-one logged in. Absolutely free. Perfect. Love this story - what beautiful irony. Thief takes technology, technology takes (down) thief.

petremure
petremure

Alternatively, you could use a free app, like Laptoplock or Zecop, which do the same job. Once the stolen pc goes online, an email with the ip used is sent to an address you set in advance, and the hdd - or selected partitions/folders - can become encrypted.

---TK---
---TK---

No-ip.com, their utility updates the IP of the PC, everytime the PC access a network..... Track the IP to the physical address, there ya go... or you can have a script start up that creates a time stamp with its IP address in a .txt file on a server... just make sure you allow it through your routers... Really any utility that calls home will work...

sean
sean

Our company uses the Kaseya remote management software to keep track of our users and believe it or not, one of our clients users had their laptop stolen from their home and we worked with the police who worked with Comcast to locate and apprehend the thief. I've never had more fun with remote management than I did when all of us and that user were watching this guy for half the day. The thief actually used his own credit card to pay for security software!

GURUmicro
GURUmicro

Well any number of boot disks out there will reset Windows logins in a matter of minutes. A hidden remote access application (especially when previously added to firewall and anti-virus exceptions) would not be so easily noticed by a novice. We all know a smart thief would have just wiped the drive immediately and put Linux on it ;) Another thought, the victim probably had a keylogger/screen capture software installed on it so he could keep tabs on his wife and kids!! Most credible versions that are out now will email (or upload to a server) key strokes and screen shots at scheduled intervals and they do run fairly stealthy, masked as a service usually.

Tank252ca
Tank252ca

You can configure VNC to use the VNC client in which case you may need to open the right port on your firewall, or you can use the Java client via a web browser in which case it uses http. I had packet fragmentation issues with VNC 1.0.2 which caused constant disconnects between XP clients. Hopefully 1.0.5 resolves some of those issues. I'm still using GoToMyPC until I can get VNC to stay connected. With firewalls and dynamic IPs you may also need a DNS updater. I use Dyndns.org and their free dynamic DNS updater tool to get the IP of my home computer, but it leaves an icon in the status bar that may warn a savvy thief. It's required with VNC sometimes because you're connecting directly to the client and need the IP address. Not needed for GoToMyPC because their service acts as an intermediary.

Editor's Picks